CSO Online

LangChain path traversal bug adds to input validation woes in AI pipelines

The path traversal flaw, allowing access to arbitrary files, adds to a growing set of input validation issues in AI pipelines.
ITWire

From path traversal to supply chain compromise: breaking MCP server hosting

COMPANY NEWS: We found a path traversal vulnerability in Smithery.ai that compromised over 3,000 MCP servers and exposed thousands of API keys. Here's how a single Docker build bug nearly triggered ...
CSOonline

Enterprises with Kyocera printers open to path traversal attacks

Multi-function printer (MFP) devices and software provider Kyocera Document Solutions has a path traversal vulnerability in its web-based device manager tool used for managing large printer fleets in ...
IT News For Australia Business

Serious path traversal bug found in Microsoft's NLWeb "Agentic Web" tool

Microsoft's open source NLWeb framework for delivering AI-driven agentic web applications shipped with an easy to exploit path traversal vulnerability that revealed the context of sensitive system ...
heise online

Page 2: Java libraries that help mitigate CWE-22

Apache Commons IO provides a set of utilities for working with the file system that can be helpful in preventing path traversal vulnerabilities. The FilenameUtils class contains methods for ...
Threat Post

Netgear Management System Vulnerable to RCE, Path Traversal Attacks

Netgear’s Network Management System suffers from two vulnerabilities, an arbitrary file upload and a path traversal, which could let a remote attacker execute code and download files. Netgear’s ...